nuclei

mirror of https://github.com/projectdiscovery/nuclei.git synced 2025-12-18 09:25:27 +00:00

Author	SHA1	Message	Date
Josh Soref	4c1c5301b9	Spelling (#4008 ) * spelling: addresses Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: asynchronous Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: basic Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: brute force Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: constant Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: disables Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: engine Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: every time Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: execution Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: false positives Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: from Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: further Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: github Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: gitlab Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: highlight Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: hygiene Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: ignore Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: input Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: item Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: itself Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: latestxxx Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: navigation Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: negative Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: nonexistent Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: occurred Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: override Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: overrides Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: payload Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: performed Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: respective Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: retrieve Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: scanlist Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: separated Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: separator Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: severity Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: source Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: strategy Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: string Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: templates Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: terminal Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: timeout Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: trailing slash Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: trailing Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> * spelling: websocket Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> --------- Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>	2023-08-02 00:03:43 +05:30
Mzack9999	e5154d362a	fixing payload load (#3927 ) * fixing payload load * Added tests for load payloads edge-case + fixed error * Added separate flags for network and file sandbox * Fixed tests for payload loader * Fixed integration tests locally * readme update --------- Co-authored-by: Ice3man <nizamulrana@gmail.com> Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>	2023-07-14 19:39:32 +05:30
Keith Chason	4d6080f3bc	"Executer" to "Executor" (#3760 ) * Fix spelling of "executer" to "executor" * minor change: use defer file.Close() --------- Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>	2023-06-01 02:28:10 +05:30
Mzack9999	0d2d510689	Adding support for constants (#3692 ) * adding support for constants * fixing typo * adding integration test * fixing lint issues * fixing template syntax	2023-05-25 22:02:35 +05:30
Shubham Rasal	449afc0c5c	Issue 3564 var override (#3599 ) * Check if the variables are override by other means - you can override the template variable value using command line flags * Update lazy eval logic - previously, we were checking any function/expression in variable - now, update the logic, lazy eval only if variable contains any protocol variable(global) * add integration tests * Add test to check the dsl function working in variable * gather all generate variables logic in utils * go mod update * Refactor the generate variables function * go mod update+ fix typo --------- Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io> Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>	2023-05-02 23:49:56 +05:30
Tarun Koyalwar	bf08913cd0	update logic + config management refactor (#3567 ) * adds template manager * refactor: checkpoint * centrailized config & template download logic * refactor removed unused code * use global template directory * update related bug fixes * bug fix create cfg dir if missing * fix lint error * bug fix skip writing template dir in callback * misc update * remove unused code * use strings.equalfold for comparison --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>	2023-04-19 21:58:48 +05:30
Shubham Rasal	45cc676f96	Evaluate payload variables (#3503 ) * Evaluate payload variables * Add variables evaluation * Extend variables test - to check evaluation of global variables in variables - to check evaluation of golbal variables in payload * Add default and cli variables to websocket, whois and dns proto - use url.Parse with urlutil.Parse	2023-04-12 01:50:58 +05:30
王一之	85090b7531	fix some json deserialization issues	2023-02-17 14:21:25 +08:00
Tarun Koyalwar	4aa2002e72	urlencode key characters only (#3150 ) * only encode key characters * improve test cases	2023-01-05 16:41:59 +05:30
Ice3man	e7fb40a413	Added sandboxing for payload files and requests	2022-11-16 13:49:24 +05:30
Mzack9999	1fbbca66f9	Adding support to scan all v4/v6 IPs (#2709 ) * Adding support to scan all v4/v6 IPs * adding tests * metainput prototype * using new signature * fixing nil pointer * adding request context with metadata * removing log instruction * fixing merge conflicts * adding clone helpers * attempting to fix ipv6 square parenthesis wrap * fixing dialed ip info * fixing syntax * fixing output ip selection * adding integration tests * disabling test due to gh ipv6 issue * using ipv4 only due to GH limited networking * extending metainput marshaling * fixing hmap key * adding test for httpx integration * fixing lint error * reworking marshaling/id-calculation * adding ip version validation * improving handling non url targets * fixing condition check	2022-11-09 18:48:56 +05:30
Ice3man	b9472cf7e1	Added fuzzing support for query params + var dump feature (#2679 ) * Added fuzzing support for query params + var dump feature * Added query-fuzz integration test * Fixed payloads + added keys-regex fuzz parameter * Fixed interactsh not working + misc * Fixed evaluation + added global variables/dsl support to payloads * Misc fixes related to variables evaluations * Added http variables support to fuzz * misc * Misc * Added testing playground + misc renaming * Added support for path and raw request to fuzzing * Fixed fuzz integration test * Fixed variable unresolved issue * Add multiple parameter support with same name * Added parameter value as 'value' dsl variable for parts Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>	2022-11-01 20:28:50 +05:30
Ice3man	d956f08cb9	Added attack-type option to override template attack-type (#2724 ) * Added attack-type option to override template attack-type * Added docs + integration tests	2022-10-19 03:51:45 +05:30
Mzack9999	781e4e6105	Shared Execution Context Prototype (#2576 ) * renaming var * Introducing shared execution context prototype * fixing field name * adding shared values propagation * adding shared context lock * add slice values normalization * adding integration tests * adding metadata support for dns * adding multi-protocol context sharing test * removing debug test files * moving contextargs around * adding comments * refactoring code - getter/setter for complex types - using pointers to avoid heap allocations	2022-10-03 15:42:20 +05:30
Ice3man	0be596efb4	Added variable debug support with debug mode (#2442 ) * Added variable debug support with debug mode * Added changes as per review comments * Fixed debug request condition	2022-08-25 15:37:03 +05:30
Ice3man	7875b06fc8	Added exclude-matchers support for template & matchers (#2218 ) * Added exclude-matchers support for template & matchers * Fixed panics due to typo * Added support for only template ID + misc cleanup	2022-06-24 23:09:27 +05:30
Mzack9999	cc37382519	Adding Client TLS1.0 (#2091 ) * Adding Client TLS1.0 * bumping fastdialer version	2022-06-04 17:45:16 +05:30
Sami	6ca4374f91	sonar category: String literals should not be duplicated (#1944 ) * sonar category: String literals should not be duplicated * lint error fix * better naming conventions for constants * improved naming conventions and methods	2022-05-12 15:40:14 +05:30
Mzack9999	2f1330345f	Adding global SNI support for HTTP protocol via CLI (#1964 ) * Adding global SNI support via CLI * adding integration test * adding cli option to docs * reverting deleted test	2022-05-11 16:00:39 +05:30
forgedhallpass	72af50155d	Typo fixes	2022-02-07 16:41:55 +02:00
Ice3man543	eb7c704d36	Merging from dev	2021-11-30 16:23:39 +05:30
Ice3man543	c720354be2	Added part definition information to docs + misc	2021-11-26 16:23:54 +05:30
forgedhallpass	7e22d70ded	refactor/documentation: typos and grammatical errors	2021-11-25 18:54:16 +02:00
forgedhallpass	47340f06b0	refactor: uniformly sorted imports	2021-11-25 17:09:20 +02:00
Ice3man543	caaa5c6594	Automatically generate docs for enum values	2021-11-25 19:34:01 +05:30
Ice3man	1581c96e4e	Added matched-status flag + template-path and url to output (#1272 ) * Added matched-status flag + template-path and url to output	2021-11-22 17:53:25 +05:30
Ice3man543	cdb08e0879	misc fixes to websocket	2021-11-12 04:44:02 +05:30
Ice3man543	5e6b6c6b14	Show errors on invalid URL typo	2021-11-08 17:56:14 +05:30
Ice3man543	8ad3ebcd05	Made code changes as per review comments	2021-11-05 03:01:41 +05:30
Ice3man543	f3675d547a	URL parsing addition for websocket URLs	2021-11-04 03:02:29 +05:30
Ice3man543	12321c23af	Splitting big function into small	2021-11-04 02:56:59 +05:30
Ice3man543	a60b10afca	Added an enum for attackType	2021-11-04 02:41:56 +05:30
Ice3man543	a7c8d0473c	Removed duplicate attackType logic + move attackType to generators	2021-11-04 02:28:48 +05:30
Ice3man543	91a7b4df6a	Validate opcode before proceeding with websocket	2021-11-03 20:08:11 +05:30
Ice3man543	645ae30a47	Moved to an enum for TemplateType in protocols	2021-11-03 19:53:45 +05:30
Ice3man543	390ca8b3c6	Merge from dev	2021-11-03 18:58:00 +05:30
Ice3man543	4a0229c13d	Websocket protocol rename	2021-11-03 18:36:54 +05:30

37 Commits